File: app_mode_utils.cc

package info (click to toggle)
chromium 138.0.7204.157-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 6,071,864 kB
  • sloc: cpp: 34,936,859; ansic: 7,176,967; javascript: 4,110,704; python: 1,419,953; asm: 946,768; xml: 739,967; pascal: 187,324; sh: 89,623; perl: 88,663; objc: 79,944; sql: 50,304; cs: 41,786; fortran: 24,137; makefile: 21,806; php: 13,980; tcl: 13,166; yacc: 8,925; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (143 lines) | stat: -rw-r--r-- 4,037 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/app_mode/app_mode_utils.h"

#include <stddef.h>

#include <optional>

#include "base/check.h"
#include "base/command_line.h"
#include "base/containers/contains.h"
#include "base/feature_list.h"
#include "base/strings/string_split.h"
#include "chrome/app/chrome_command_ids.h"
#include "chrome/browser/policy/policy_util.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/common/pref_names.h"
#include "components/content_settings/core/common/content_settings_pattern.h"
#include "components/permissions/features.h"
#include "components/prefs/pref_service.h"
#include "url/gurl.h"

#if BUILDFLAG(IS_CHROMEOS)
#include "chromeos/components/kiosk/kiosk_utils.h"
#endif

namespace {

// If the device is running in forced app mode, returns the ID of the app for
// which the device is forced in app mode. Otherwise, returns nullopt.
std::optional<std::string> GetForcedAppModeApp() {
  base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
  if (!command_line->HasSwitch(switches::kForceAppMode) ||
      !command_line->HasSwitch(switches::kAppId)) {
    return std::nullopt;
  }

  return command_line->GetSwitchValueASCII(switches::kAppId);
}

// This method matches the `origin` with the url patterns from
// https://chromeenterprise.google/policies/url-patterns/. Note: just using the
// "*" wildcard is not allowed.
#if BUILDFLAG(IS_CHROMEOS)
bool IsOriginAllowedByPermissionFeatureFlag(
    const std::vector<std::string>& allowlist,
    const GURL& origin) {
  if (allowlist.empty()) {
    return false;
  }

  for (auto const& value : allowlist) {
    ContentSettingsPattern pattern = ContentSettingsPattern::FromString(value);
    if (pattern == ContentSettingsPattern::Wildcard() || !pattern.IsValid()) {
      continue;
    }

    if (pattern.Matches(origin)) {
      return true;
    }
  }

  return false;
}
#endif

}  // namespace

bool IsCommandAllowedInAppMode(int command_id, bool is_popup) {
  DCHECK(IsRunningInForcedAppMode());

  constexpr int kAllowed[] = {
      IDC_BACK,
      IDC_DEV_TOOLS,
      IDC_DEV_TOOLS_CONSOLE,
      IDC_DEV_TOOLS_INSPECT,
      IDC_FORWARD,
      IDC_RELOAD,
      IDC_CLOSE_FIND_OR_STOP,
      IDC_STOP,
      IDC_RELOAD_BYPASSING_CACHE,
      IDC_RELOAD_CLEARING_CACHE,
      IDC_CUT,
      IDC_COPY,
      IDC_PASTE,
      IDC_ZOOM_PLUS,
      IDC_ZOOM_NORMAL,
      IDC_ZOOM_MINUS,
      IDC_CARET_BROWSING_TOGGLE,
  };

  constexpr int kAllowedPopup[] = {IDC_CLOSE_TAB};

  return base::Contains(kAllowed, command_id) ||
         (is_popup && base::Contains(kAllowedPopup, command_id));
}

bool IsRunningInAppMode() {
  base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
  return command_line->HasSwitch(switches::kKioskMode) ||
         IsRunningInForcedAppMode();
}

bool IsRunningInForcedAppMode() {
  return base::CommandLine::ForCurrentProcess()->HasSwitch(
      switches::kForceAppMode);
}

bool IsRunningInForcedAppModeForApp(const std::string& app_id) {
  DCHECK(!app_id.empty());

  std::optional<std::string> forced_app_mode_app = GetForcedAppModeApp();
  if (!forced_app_mode_app.has_value()) {
    return false;
  }

  return app_id == forced_app_mode_app.value();
}

bool IsWebKioskOriginAllowed(const PrefService* prefs, const GURL& origin) {
#if BUILDFLAG(IS_CHROMEOS)
  if (!chromeos::IsWebKioskSession()) {
    return false;
  }

  if (policy::IsOriginInAllowlist(
          origin, prefs, prefs::kKioskBrowserPermissionsAllowedForOrigins)) {
    return true;
  }

  // TODO(b/341057883): Add KioskBrowserPermissionsAllowedForOrigins check.
  std::vector<std::string> allowlist = base::SplitString(
      permissions::feature_params::kWebKioskBrowserPermissionsAllowlist.Get(),
      ",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);

  return IsOriginAllowedByPermissionFeatureFlag(allowlist, origin);
#else
  return false;
#endif
}